Abstract
Cyberattacks remain a major threat to companies and organizations worldwide, and a security breach has financial, reputational, and legal consequences. Demand is therefore high for methods that detect an attack as early as possible. Advanced persistent threats (APTs) are sophisticated, targeted cyberattacks that persist inside a network for a long time. During an APT the attacker expands its reach across the network; this stage, called lateral movement, is a critical phase of the attack. This paper discusses why an APT should be identified at this early stage and how lateral movement can be detected using machine learning techniques.
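The abstract only states that lateral movement can be detected with a machine learning approach; it does not disclose the chapter's feature set or model. The following is an added illustration written for this page, not the authors' code: it scores per-host logon activity with an unsupervised robust z-score (median/MAD) fitted on baseline days, using three features chosen here as assumptions (distinct destinations, destinations never reached from that source before, distinct accounts used). The host names, account names, and logon events are constructed for the example.

```python
"""Toy lateral-movement detector over constructed logon events.

Added illustration, not code from the chapter. Lateral movement typically
shows up as one source host (or one account) authenticating to many more,
and to previously unseen, hosts than its baseline; the features and the
robust z-score scorer below are this example's own assumptions.
"""
from collections import defaultdict
from statistics import median

BASELINE_DAYS = {1, 2, 3}  # days assumed clean and used to fit the model


def _daily_pattern(day):
    """Constructed routine traffic: each workstation's user reaches the file
    server and the mail server; one admin host touches the domain controller."""
    rows = []
    for i in range(1, 6):
        ws, user = f"ws0{i}", f"user{i}"
        rows.append((day, ws, user, "fileserver"))
        rows.append((day, ws, user, "mail"))
    rows.append((day, "admin01", "itadmin", "dc01"))
    return rows


# Constructed sample events: (day, src_host, account, dst_host).
EVENTS = [e for d in (1, 2, 3, 4) for e in _daily_pattern(d)]
# Day 4 intrusion (constructed): ws03 uses a harvested service account to
# fan out across workstations and the domain controller.
EVENTS += [(4, "ws03", "svc-backup", dst)
           for dst in ("ws01", "ws02", "ws04", "ws05", "dc01", "fileserver")]


def extract_features(events, baseline_days):
    """Per (day, src_host): (distinct destinations, destinations never reached
    from that source during the baseline, distinct accounts used)."""
    known = defaultdict(set)
    for day, src, _, dst in events:
        if day in baseline_days:
            known[src].add(dst)
    dsts, accts = defaultdict(set), defaultdict(set)
    for day, src, acct, dst in events:
        dsts[(day, src)].add(dst)
        accts[(day, src)].add(acct)
    feats = {}
    for key, dset in dsts.items():
        _, src = key
        new = {d for d in dset if d not in known[src]}
        feats[key] = (len(dset), len(new), len(accts[key]))
    return feats


class RobustZScorer:
    """Unsupervised scorer: per-feature median and MAD from baseline rows.
    The score is the sum of positive robust z-scores, because only activity
    above the baseline (more hosts, more accounts) is suspicious here."""

    def __init__(self, rows):
        cols = list(zip(*rows))
        self.center = [median(c) for c in cols]
        self.scale = []
        for c, m in zip(cols, self.center):
            mad = median(abs(v - m) for v in c)
            # 1.4826 * MAD approximates sigma for normal data; fall back to a
            # unit scale when a feature is constant in the baseline (MAD == 0).
            self.scale.append(1.4826 * mad if mad > 0 else 1.0)

    def score(self, x):
        return sum(max(0.0, (v - m) / s)
                   for v, m, s in zip(x, self.center, self.scale))


def detect(events, baseline_days=BASELINE_DAYS, threshold=3.0):
    """Fit on baseline days, score every other (day, src_host) row and return
    the rows at or above the threshold with their anomaly score."""
    feats = extract_features(events, baseline_days)
    scorer = RobustZScorer([f for (d, _), f in feats.items() if d in baseline_days])
    alerts = {}
    for (day, src), f in feats.items():
        if day in baseline_days:
            continue
        s = scorer.score(f)
        if s >= threshold:
            alerts[(day, src)] = round(s, 2)
    return alerts


if __name__ == "__main__":
    for (day, src), s in detect(EVENTS).items():
        print(f"day {day}: {src} anomaly score {s}")
```

In the constructed data every day-4 host except ws03 scores 0.0, while ws03 reaches seven hosts (five of them never seen from it before) with two accounts and scores 11.0. A real deployment would fit the baseline per host over a longer window and add features the chapter's references point at, such as SMB session patterns, but the structure (fit on clean history, score new windows, alert on excess) is the same.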
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
Chacko, A.A., Edwin, B., Thanka, M.R. (2022). Detecting the Lateral Movement in Cyberattack at the Early Stage Using Machine Learning Techniques. In: Peter, J.D., Fernandes, S.L., Alavi, A.H. (eds) Disruptive Technologies for Big Data and Cloud Applications. Lecture Notes in Electrical Engineering, vol 905. Springer, Singapore. https://doi.org/10.1007/978-981-19-2177-3_54
DOI: https://doi.org/10.1007/978-981-19-2177-3_54
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-2176-6
Online ISBN: 978-981-19-2177-3
eBook Packages: Intelligent Technologies and Robotics (R0)